Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
688
Views
0
Helpful
2
Replies

Rule creation information

carryonjay
Level 1
Level 1

‎05-24-2016 03:36 AM - edited ‎03-12-2019 06:01 AM

Hi guys, 

We are using Sourcefire Firesight for the IDS purpose.  Someone has created few rules which are capturing the heavy traffic. I would like to know how to get the information about rule creator? 

Appreciate your help.

Thanks, 

Regards,

Jay 

Labels:
0 Helpful
2 Replies 2

ankojha
Level 3
Level 3

‎05-25-2016 04:45 AM

Hi Jay,

You can check the local rules that are created under Policy->Intrusion policy->rule editor

and you can either disable/enable them as per your requirement.

Also, regarding writing optimized snort rules you can refer to below document :

http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node27.html

Rate if it helps.

Thanks,

Ankita

0 Helpful

carryonjay
Level 1
Level 1
In response to ankojha

‎05-25-2016 05:03 AM

Hi Ankita,

Thanks for your great help. Actually, I would  also like to know if anyone has created rule or made any modification, can we track that or is there any way to get those audit information? 

Kind regards,

Jay 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card